General

  • Target

    555585894b9f0df8d3736372a2815389

  • Size

    372KB

  • Sample

    241109-ynfk8a1crm

  • MD5

    555585894b9f0df8d3736372a2815389

  • SHA1

    7130e68fbfa27a6829ee161f0b2b820f536550b1

  • SHA256

    425a78305b09ccfeaa230ebb568044370380db8d22a7140a5e87fe6246af51e8

  • SHA512

    1491664ab9c71bece0e47b6fa15abd03405b44625854a21540765712f2e2d3d327fe1c35e6930a83f357623972fe283081d516ce50e5a6f7fa0ffa7699fcaa3d

  • SSDEEP

    3072:IEDcK6kemaIj8h8qXa5FZwC19bFYo5ijh93MoZPrE3gnbOyJwWof975Z342B:XcKraIy8qqLZ3LYsv0Ww56fxD

Malware Config

Extracted

Family

redline

Botnet

ww

C2

193.106.191.67:44400

Attributes
  • auth_value

    5a1b28ccd05953f5c3f99729c12427cc
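The hashes in the General section and the extracted C2 above are the actionable parts of this report. The following is an added example, not code from the sandbox or from the report, showing how a responder would (a) confirm that a file in hand is really the sample described here by recomputing all four digests, and (b) turn the extracted `C2` value into validated host/port IOCs and a Suricata rule. The input bytes in the demo are constructed (the real sample is not embedded); the rule `sid` and message text are assumptions.

```python
import hashlib
import ipaddress
import re
import sys
from typing import Dict, Tuple

# Values copied from the report above.
REPORTED_HASHES: Dict[str, str] = {
    "md5": "555585894b9f0df8d3736372a2815389",
    "sha1": "7130e68fbfa27a6829ee161f0b2b820f536550b1",
    "sha256": "425a78305b09ccfeaa230ebb568044370380db8d22a7140a5e87fe6246af51e8",
    "sha512": (
        "1491664ab9c71bece0e47b6fa15abd03405b44625854a21540765712f2e2d3d3"
        "27fe1c35e6930a83f357623972fe283081d516ce50e5a6f7fa0ffa7699fcaa3d"
    ),
}
REPORTED_C2 = "193.106.191.67:44400"   # RedLine "C2" field as extracted
REPORTED_BOTNET = "ww"                 # RedLine "Botnet" field as extracted

_HOSTNAME_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}$", re.I)


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, keyed like REPORTED_HASHES."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def verify_sample(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match against the report. All four should agree; a partial
    match means either a transcription error or a deliberate collision attempt."""
    actual = hash_bytes(data)
    return {name: actual[name] == digest.lower() for name, digest in expected.items()}


def parse_c2(c2: str) -> Tuple[str, int]:
    """Split a RedLine 'host:port' C2 string and validate both halves.
    RedLine configs carry either a bare IP (as here) or a hostname."""
    host, sep, port = c2.strip().rpartition(":")
    if not sep or not host or not port.isdigit():
        raise ValueError(f"malformed C2 value: {c2!r}")
    try:
        ipaddress.ip_address(host)
    except ValueError:
        if not _HOSTNAME_RE.match(host):
            raise ValueError(f"C2 host is neither an IP nor a hostname: {host!r}")
    port_n = int(port)
    if not 1 <= port_n <= 65535:
        raise ValueError(f"C2 port out of range: {port_n}")
    return host, port_n


def suricata_rule(c2: str, botnet: str, sid: int = 9000001) -> str:
    """Emit an outbound-connection rule for the extracted C2 (sid is an assumption)."""
    host, port = parse_c2(c2)
    return (
        f'alert tcp $HOME_NET any -> {host} {port} '
        f'(msg:"RedLine Stealer C2 connection (botnet {botnet}, sandbox-extracted)"; '
        f'flow:to_server; sid:{sid}; rev:1;)'
    )


if __name__ == "__main__":
    # Usage: python check_sample.py <path-to-suspect-file>
    path = sys.argv[1] if len(sys.argv) > 1 else None
    data = open(path, "rb").read() if path else b"constructed placeholder, not the sample"
    for name, ok in verify_sample(data, REPORTED_HASHES).items():
        print(f"{name:6s} {'MATCH' if ok else 'mismatch'}")
    print(suricata_rule(REPORTED_C2, REPORTED_BOTNET))
```

Run it against the downloaded file before detonating or sharing it; a mismatch on any single algorithm should be treated as "not the sample in this report", not as a partial confirmation. The rule only covers the direct TCP connect, which is what the extracted config describes; it does not attempt to fingerprint RedLine's protocol.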

Targets

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It harvests browser credentials, cookies, cryptocurrency wallet data and system information and reports to the C2 host and port embedded in its configuration.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks